通过标头中的 WCF 将许可证密钥从客户端发送到服务器
我想使用许可证密钥针对我的中心对应用程序服务器进行身份验证,并且我不想将其作为参数包含在我的调用中。
我已经实现了自定义 ServiceAuthorizationManager,但我不确定在客户端设置此许可证密钥的最佳方法和位置是什么。
我在下面尝试了(我的方法可能完全错误),
<endpoint address="http://127.0.0.1:8000/ApiDataService" binding="wsHttpBinding"
contract="MyInterfaces.IApiDataService">
<headers>
<LicenseKey>MyLicenseKey</LicenseKey>
</headers>
</endpoint>
然后在 ServiceAuthorizationManager.CheckAccessCore(OperationContext operationContext) 中
我设法通过以下方式找到标头的索引:
operationContext.RequestContext.RequestMessage.Headers.FindHeader("LicenseKey", "")
但检索到的 HeaderInfo 不再包含我的内容。 我确信它在 operationContext.RequestContext 中,所以我应该能够以某种方式捕获它。
- 有什么想法吗?
- 有没有更好/标准的方法来做到这一点?
- 我应该使用
元素?
我非常乐意使用操作Context.ServiceSecurityContext,但我不知道如何在客户端设置它以及在哪里放置我的自定义许可证密钥。
我有多个端点,因此我希望将许可证密钥放在一个位置。从代码中设置它会更好。
谢谢
I want to authenticate app server against my central with license key and I do not want to include it as a parameter in my calls.
I have implemented custom ServiceAuthorizationManager but I am not sure what is the best way and place to set this licenseKey on client side.
I tried below (I might be completely wrong with approach)
<endpoint address="http://127.0.0.1:8000/ApiDataService" binding="wsHttpBinding"
contract="MyInterfaces.IApiDataService">
<headers>
<LicenseKey>MyLicenseKey</LicenseKey>
</headers>
</endpoint>
then in ServiceAuthorizationManager.CheckAccessCore(OperationContext operationContext)
I have managed to find a header's index via:
operationContext.RequestContext.RequestMessage.Headers.FindHeader("LicenseKey", "")
but retrieved HeaderInfo does not have my content any more.
I am sure it is in operationContext.RequestContext so I should be able to capture it somehow.
- Any idead how?
- Is there any nicer/standard way of doing this?
- Should I use <identity\> element?
I am more than happy to use operationContext.ServiceSecurityContext but I do not know how to set it up on client side and where to place my custom license key.
I have multiple endpoints so I would prefer to have a single place for my license key. Setting it from code would be even better.
Thanks
此处的这篇文章 WCF 中的全球化模式(WS-I18N 实现) 可能会引起您的兴趣向您演示如何使用 WCF 带外机制发送和接收自定义信息。这是关于全球化,当然不是许可,但问题似乎有些相似。
This article here Globalization Patterns in WCF (WS-I18N implementation) may be of interest to you as it demonstrate how to use WCF out-of-band mechanisms to send and receive custom information. It's about globalization, not licensing of course, but the problem seems somewhat similar.